1f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project/* Dropbear SSH 2f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * Copyright (c) 2002,2003 Matt Johnston 3f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * All rights reserved. See LICENSE for the license. */ 4f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 5f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#ifndef _OPTIONS_H_ 6f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define _OPTIONS_H_ 7f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 8f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project/****************************************************************** 9f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * Define compile-time options below - the "#ifndef DROPBEAR_XXX .... #endif" 10f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * parts are to allow for commandline -DDROPBEAR_XXX options etc. 11f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project ******************************************************************/ 12f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 13f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#ifndef DROPBEAR_DEFPORT 14f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define DROPBEAR_DEFPORT "22" 15f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#endif 16f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 17f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#ifndef DROPBEAR_DEFADDRESS 18f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project/* Listen on all interfaces */ 19f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define DROPBEAR_DEFADDRESS "" 20f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#endif 21f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 22f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project/* Default hostkey paths - these can be specified on the command line */ 23f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#ifndef DSS_PRIV_FILENAME 24f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define DSS_PRIV_FILENAME "/etc/dropbear/dropbear_dss_host_key" 25f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#endif 26f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#ifndef RSA_PRIV_FILENAME 27f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define RSA_PRIV_FILENAME "/etc/dropbear/dropbear_rsa_host_key" 28f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#endif 29f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 30f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project/* Set NON_INETD_MODE if you require daemon functionality (ie Dropbear listens 31f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * on chosen ports and keeps accepting connections. This is the default. 32f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * 33f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * Set INETD_MODE if you want to be able to run Dropbear with inetd (or 34f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * similar), where it will use stdin/stdout for connections, and each process 35f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * lasts for a single connection. Dropbear should be invoked with the -i flag 36f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * for inetd, and can only accept IPv4 connections. 37f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * 38f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * Both of these flags can be defined at once, don't compile without at least 39f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * one of them. */ 40f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define NON_INETD_MODE 41f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define INETD_MODE 42f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 43f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project/* Setting this disables the fast exptmod bignum code. It saves ~5kB, but is 44f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * perhaps 20% slower for pubkey operations (it is probably worth experimenting 45f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * if you want to use this) */ 46f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project/*#define NO_FAST_EXPTMOD*/ 47f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 48f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project/* Set this if you want to use the DROPBEAR_SMALL_CODE option. This can save 49f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Projectseveral kB in binary size, however will make the symmetrical ciphers (AES, DES 50f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Projectetc) slower (perhaps by 50%). Recommended for most small systems. */ 51f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define DROPBEAR_SMALL_CODE 52f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 53f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project/* Enable X11 Forwarding - server only */ 54f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define ENABLE_X11FWD 55f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 56f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project/* Enable TCP Fowarding */ 57f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project/* 'Local' is "-L" style (client listening port forwarded via server) 58f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * 'Remote' is "-R" style (server listening port forwarded via client) */ 59f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 60f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define ENABLE_CLI_LOCALTCPFWD 61f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define ENABLE_CLI_REMOTETCPFWD 62f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 63f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define ENABLE_SVR_LOCALTCPFWD 64f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define ENABLE_SVR_REMOTETCPFWD 65f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 66f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project/* Enable Authentication Agent Forwarding - server only for now */ 67f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define ENABLE_AGENTFWD 68f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 69f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project/* Encryption - at least one required. 70f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * RFC Draft requires 3DES and recommends AES128 for interoperability. 71f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * Including multiple keysize variants the same cipher 72f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * (eg AES256 as well as AES128) will result in a minimal size increase.*/ 73f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define DROPBEAR_AES128_CBC 74f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define DROPBEAR_3DES_CBC 75f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project//#define DROPBEAR_AES256_CBC 76f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project//#define DROPBEAR_BLOWFISH_CBC 77f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project//#define DROPBEAR_TWOFISH256_CBC 78f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project//#define DROPBEAR_TWOFISH128_CBC 79f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 80f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project/* Message Integrity - at least one required. 81f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * RFC Draft requires sha1 and recommends sha1-96. 82f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * sha1-96 may be of use for slow links, as it has a smaller overhead. 83f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * 84f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * Note: there's no point disabling sha1 to save space, since it's used 85f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * for the random number generator and public-key cryptography anyway. 86f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * Disabling it here will just stop it from being used as the integrity portion 87f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * of the ssh protocol. 88f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * 89f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * These hashes are also used for public key fingerprints in logs. 90f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * If you disable MD5, Dropbear will fall back to SHA1 fingerprints, 91f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * which are not the standard form. */ 92f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define DROPBEAR_SHA1_HMAC 93f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define DROPBEAR_SHA1_96_HMAC 94f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define DROPBEAR_MD5_HMAC 95f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 96f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project/* Hostkey/public key algorithms - at least one required, these are used 97f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * for hostkey as well as for verifying signatures with pubkey auth. 98f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * Removing either of these won't save very much space. 99f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * SSH2 RFC Draft requires dss, recommends rsa */ 100f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define DROPBEAR_RSA 101f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define DROPBEAR_DSS 102f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 103f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project/* RSA can be vulnerable to timing attacks which use the time required for 104f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * signing to guess the private key. Blinding avoids this attack, though makes 105f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * signing operations slightly slower. */ 106f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define RSA_BLINDING 107f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 108f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project/* Define DSS_PROTOK to use PuTTY's method of generating the value k for dss, 109f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * rather than just from the random byte source. Undefining this will save you 110f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * ~4k in binary size with static uclibc, but your DSS hostkey could be exposed 111f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * if the random number source isn't good. In general this isn't required */ 112f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project/* #define DSS_PROTOK */ 113f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 114f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project/* Whether to do reverse DNS lookups. */ 115f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define DO_HOST_LOOKUP 116f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 117f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project/* Whether to print the message of the day (MOTD). This doesn't add much code 118f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * size */ 119f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define DO_MOTD 120f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 121f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project/* The MOTD file path */ 122f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#ifndef MOTD_FILENAME 123f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define MOTD_FILENAME "/etc/motd" 124f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#endif 125f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 126f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project/* Authentication Types - at least one required. 127f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project RFC Draft requires pubkey auth, and recommends password */ 128f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 129f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project/* Note: PAM auth is quite simple, and only works for PAM modules which just do 130f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * a simple "Login: " "Password: " (you can edit the strings in svr-authpam.c). 131f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * It's useful for systems like OS X where standard password crypts don't work, 132f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * but there's an interface via a PAM module - don't bother using it otherwise. 133f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * You can't enable both PASSWORD and PAM. */ 134f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 135f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define ENABLE_SVR_PASSWORD_AUTH 136f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project/*#define ENABLE_SVR_PAM_AUTH */ /* requires ./configure --enable-pam */ 137f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define ENABLE_SVR_PUBKEY_AUTH 138f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 139f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define ENABLE_CLI_PASSWORD_AUTH 140f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define ENABLE_CLI_PUBKEY_AUTH 141f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define ENABLE_CLI_INTERACT_AUTH 142f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 143f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project/* Define this (as well as ENABLE_CLI_PASSWORD_AUTH) to allow the use of 144f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * a helper program for the ssh client. The helper program should be 145f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * specified in the SSH_ASKPASS environment variable, and dbclient 146f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * should be run with DISPLAY set and no tty. The program should 147f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * return the password on standard output */ 148f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project/*#define ENABLE_CLI_ASKPASS_HELPER*/ 149f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 150f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project/* Random device to use - define either DROPBEAR_RANDOM_DEV or 151f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * DROPBEAR_PRNGD_SOCKET. 152f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * DROPBEAR_RANDOM_DEV is recommended on hosts with a good /dev/(u)random, 153f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * otherwise use run prngd (or egd if you want), specifying the socket. 154f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * The device will be queried for a few dozen bytes of seed a couple of times 155f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * per session (or more for very long-lived sessions). */ 156f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 157f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project/* If you are lacking entropy on the system then using /dev/urandom 158f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * will prevent Dropbear from blocking on the device. This could 159f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * however significantly reduce the security of your ssh connections 160f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * if the PRNG state becomes guessable - make sure you know what you are 161f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * doing if you change this. */ 162f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define DROPBEAR_RANDOM_DEV "/dev/random" 163f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 164f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project/* prngd must be manually set up to produce output */ 165f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project/*#define DROPBEAR_PRNGD_SOCKET "/var/run/dropbear-rng"*/ 166f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 167f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project/* Specify the number of clients we will allow to be connected but 168f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * not yet authenticated. After this limit, connections are rejected */ 169f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project/* The first setting is per-IP, to avoid denial of service */ 170f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#ifndef MAX_UNAUTH_PER_IP 171f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define MAX_UNAUTH_PER_IP 5 172f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#endif 173f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 174f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project/* And then a global limit to avoid chewing memory if connections 175f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * come from many IPs */ 176f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#ifndef MAX_UNAUTH_CLIENTS 177f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define MAX_UNAUTH_CLIENTS 30 178f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#endif 179f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 180f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project/* Maximum number of failed authentication tries (server option) */ 181f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#ifndef MAX_AUTH_TRIES 182f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define MAX_AUTH_TRIES 10 183f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#endif 184f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 185f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project/* The default file to store the daemon's process ID, for shutdown 186f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project scripts etc. This can be overridden with the -P flag */ 187f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#ifndef DROPBEAR_PIDFILE 188f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define DROPBEAR_PIDFILE "/var/run/dropbear.pid" 189f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#endif 190f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 191f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project/* The command to invoke for xauth when using X11 forwarding. 192f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * "-q" for quiet */ 193f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#ifndef XAUTH_COMMAND 194f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define XAUTH_COMMAND "/usr/X11R6/bin/xauth -q" 195f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#endif 196f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 197f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project/* if you want to enable running an sftp server (such as the one included with 198f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * OpenSSH), set the path below. If the path isn't defined, sftp will not 199f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * be enabled */ 200f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#ifndef SFTPSERVER_PATH 201f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define SFTPSERVER_PATH "/usr/libexec/sftp-server" 202f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#endif 203f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 204f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project/* This is used by the scp binary when used as a client binary. If you're 205f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * not using the Dropbear client, you'll need to change it */ 2060f917a9e985bd21ff5fbe54815a464c3b16e2b98Brian Swetland#define _PATH_SSH_PROGRAM "/system/xbin/ssh" 207f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 208f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project/* Whether to log commands executed by a client. This only logs the 209f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * (single) command sent to the server, not what a user did in a 210f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * shell/sftp session etc. */ 211f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project/* #define LOG_COMMANDS */ 212f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 213f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project/******************************************************************* 214f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * You shouldn't edit below here unless you know you need to. 215f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project *******************************************************************/ 216f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 217f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#ifndef DROPBEAR_VERSION 218f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define DROPBEAR_VERSION "0.49" 219f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#endif 220f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 221f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define LOCAL_IDENT "SSH-2.0-dropbear_" DROPBEAR_VERSION 222f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define PROGNAME "dropbear" 223f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 224f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project/* Spec recommends after one hour or 1 gigabyte of data. One hour 225f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * is a bit too verbose, so we try 8 hours */ 226f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#ifndef KEX_REKEY_TIMEOUT 227f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define KEX_REKEY_TIMEOUT (3600 * 8) 228f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#endif 229f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#ifndef KEX_REKEY_DATA 230f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define KEX_REKEY_DATA (1<<30) /* 2^30 == 1GB, this value must be < INT_MAX */ 231f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#endif 232f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project/* Close connections to clients which haven't authorised after AUTH_TIMEOUT */ 233f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#ifndef AUTH_TIMEOUT 234f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define AUTH_TIMEOUT 300 /* we choose 5 minutes */ 235f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#endif 236f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 237f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project/* Minimum key sizes for DSS and RSA */ 238f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#ifndef MIN_DSS_KEYLEN 239f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define MIN_DSS_KEYLEN 512 240f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#endif 241f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#ifndef MIN_RSA_KEYLEN 242f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define MIN_RSA_KEYLEN 512 243f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#endif 244f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 245f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define MAX_BANNER_SIZE 2000 /* this is 25*80 chars, any more is foolish */ 246f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define MAX_BANNER_LINES 20 /* How many lines the client will display */ 247f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 248f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project/* the number of NAME=VALUE pairs to malloc for environ, if we don't have 249f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * the clearenv() function */ 250f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define ENV_SIZE 100 251f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 252f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define MAX_CMD_LEN 1024 /* max length of a command */ 253f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define MAX_TERM_LEN 200 /* max length of TERM name */ 254f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 255f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define MAX_HOST_LEN 254 /* max hostname len for tcp fwding */ 256f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define MAX_IP_LEN 15 /* strlen("255.255.255.255") == 15 */ 257f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 258f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define DROPBEAR_MAX_PORTS 10 /* max number of ports which can be specified, 259f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project ipv4 and ipv6 don't count twice */ 260f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 261f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project/* Each port might have at least a v4 and a v6 address */ 262f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define MAX_LISTEN_ADDR (DROPBEAR_MAX_PORTS*3) 263f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 264f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define _PATH_TTY "/dev/tty" 265f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 266f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define _PATH_CP "/bin/cp" 267f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 268f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project/* Timeouts in seconds */ 269f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define SELECT_TIMEOUT 20 270f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 271f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project/* success/failure defines */ 272f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define DROPBEAR_SUCCESS 0 273f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define DROPBEAR_FAILURE -1 274f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 275f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project/* various algorithm identifiers */ 276f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define DROPBEAR_KEX_DH_GROUP1 0 277f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 278f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define DROPBEAR_SIGNKEY_ANY 0 279f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define DROPBEAR_SIGNKEY_RSA 1 280f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define DROPBEAR_SIGNKEY_DSS 2 281f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define DROPBEAR_SIGNKEY_NONE 3 282f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 283f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define DROPBEAR_COMP_NONE 0 284f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define DROPBEAR_COMP_ZLIB 1 285f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 286f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project/* Required for pubkey auth */ 287f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#if defined(ENABLE_SVR_PUBKEY_AUTH) || defined(DROPBEAR_CLIENT) 288f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define DROPBEAR_SIGNKEY_VERIFY 289f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#endif 290f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 291f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project/* SHA1 is 20 bytes == 160 bits */ 292f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define SHA1_HASH_SIZE 20 293f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project/* SHA512 is 64 bytes == 512 bits */ 294f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define SHA512_HASH_SIZE 64 295f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project/* MD5 is 16 bytes = 128 bits */ 296f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define MD5_HASH_SIZE 16 297f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 298f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project/* largest of MD5 and SHA1 */ 299f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define MAX_MAC_LEN SHA1_HASH_SIZE 300f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 301f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 302f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define MAX_KEY_LEN 32 /* 256 bits for aes256 etc */ 303f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define MAX_IV_LEN 20 /* must be same as max blocksize, 304f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project and >= SHA1_HASH_SIZE */ 305f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define MAX_MAC_KEY 20 306f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 307f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define MAX_NAME_LEN 64 /* maximum length of a protocol name, isn't 308f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project explicitly specified for all protocols (just 309f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project for algos) but seems valid */ 310f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 311f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define MAX_PROPOSED_ALGO 20 312f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 313f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project/* size/count limits */ 314f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 315f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define MAX_PACKET_LEN 35000 316f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define MIN_PACKET_LEN 16 317f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define MAX_PAYLOAD_LEN 32768 318f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 319f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define MAX_TRANS_PAYLOAD_LEN 32768 320f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define MAX_TRANS_PACKET_LEN (MAX_TRANS_PAYLOAD_LEN+50) 321f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 322f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define MAX_TRANS_WINDOW 500000000 /* 500MB is sufficient, stopping overflow */ 323f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define MAX_TRANS_WIN_INCR 500000000 /* overflow prevention */ 324f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 325f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define MAX_STRING_LEN 1400 /* ~= MAX_PROPOSED_ALGO * MAX_NAME_LEN, also 326f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project is the max length for a password etc */ 327f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 328f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project/* For a 4096 bit DSS key, empirically determined */ 329f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define MAX_PUBKEY_SIZE 1700 330f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project/* For a 4096 bit DSS key, empirically determined */ 331f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define MAX_PRIVKEY_SIZE 1700 332f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 333f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project/* The maximum size of the bignum portion of the kexhash buffer */ 334f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project/* Sect. 8 of the transport draft, K_S + e + f + K */ 335f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define KEXHASHBUF_MAX_INTS (1700 + 130 + 130 + 130) 336f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 337f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define DROPBEAR_MAX_SOCKS 2 /* IPv4, IPv6 are all we'll get for now. Revisit 338f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project in a few years time.... */ 339f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 340f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define DROPBEAR_MAX_CLI_PASS 1024 341f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 342f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define DROPBEAR_MAX_CLI_INTERACT_PROMPTS 80 /* The number of prompts we'll 343f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project accept for keyb-interactive 344f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project auth */ 345f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 346f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#if defined(DROPBEAR_AES256_CBC) || defined(DROPBEAR_AES128_CBC) 347f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define DROPBEAR_AES_CBC 348f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#endif 349f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 350f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#if defined(DROPBEAR_TWOFISH256_CBC) || defined(DROPBEAR_TWOFISH128_CBC) 351f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define DROPBEAR_TWOFISH_CBC 352f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#endif 353f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 354f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#ifndef ENABLE_X11FWD 355f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define DISABLE_X11FWD 356f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#endif 357f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 358f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#ifndef ENABLE_AGENTFWD 359f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define DISABLE_AGENTFWD 360f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#endif 361f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 362f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#if defined(ENABLE_CLI_REMOTETCPFWD) || defined(ENABLE_CLI_LOCALTCPFWD) 363f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define ENABLE_CLI_ANYTCPFWD 364f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#endif 365f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 366f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#if defined(ENABLE_CLI_LOCALTCPFWD) || defined(ENABLE_SVR_REMOTETCPFWD) 367f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define DROPBEAR_TCP_ACCEPT 368f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#endif 369f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 370f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#if defined(ENABLE_CLI_REMOTETCPFWD) || defined(ENABLE_CLI_LOCALTCPFWD) || \ 371f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project defined(ENABLE_SVR_REMOTETCPFWD) || defined(ENABLE_SVR_LOCALTCPFWD) || \ 372f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project defined(ENABLE_AGENTFWD) || defined(ENABLE_X11FWD) 373f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define USING_LISTENERS 374f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#endif 375f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 376f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#if defined(DROPBEAR_CLIENT) || defined(ENABLE_SVR_PUBKEY_AUTH) 377f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define DROPBEAR_KEY_LINES /* ie we're using authorized_keys or known_hosts */ 378f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#endif 379f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 380f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#if defined(ENABLE_SVR_PASSWORD_AUTH) && defined(ENABLE_SVR_PAM_AUTH) 381f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#error "You can't turn on PASSWORD and PAM auth both at once. Fix it in options.h" 382f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#endif 383f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 384f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#if defined(DROPBEAR_RANDOM_DEV) && defined(DROPBEAR_PRNGD_SOCKET) 385f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#error "You can't turn on DROPBEAR_PRNGD_SOCKET and DROPBEAR_RANDOM_DEV at once" 386f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#endif 387f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 388f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#if !defined(DROPBEAR_RANDOM_DEV) && !defined(DROPBEAR_PRNGD_SOCKET) 389f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#error "You must choose one of DROPBEAR_PRNGD_SOCKET or DROPBEAR_RANDOM_DEV in options.h" 390f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#endif 391f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 392f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project/* We use dropbear_client and dropbear_server as shortcuts to avoid redundant 393f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project * code, if we're just compiling as client or server */ 394f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#if defined(DROPBEAR_SERVER) && defined(DROPBEAR_CLIENT) 395f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 396f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define IS_DROPBEAR_SERVER (ses.isserver == 1) 397f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define IS_DROPBEAR_CLIENT (ses.isserver == 0) 398f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 399f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#elif defined(DROPBEAR_SERVER) 400f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 401f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define IS_DROPBEAR_SERVER 1 402f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define IS_DROPBEAR_CLIENT 0 403f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 404f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#elif defined(DROPBEAR_CLIENT) 405f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 406f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define IS_DROPBEAR_SERVER 0 407f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#define IS_DROPBEAR_CLIENT 1 408f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 409f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#else 410f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#error You must compiled with either DROPBEAR_CLIENT or DROPBEAR_SERVER selected 411f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#endif 412f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project 413f7fc46c63fdc8f39234fea409b8dbe116d73ebf8The Android Open Source Project#endif /* _OPTIONS_H_ */ 414